Splunk Platform Alerts when a Kubernetes Pod Is in Crash Loop

Kubernetes features a readiness probe to determine whether your pod is ready to accept traffic. If it isn't becoming ready, Kubernetes tries to solve it by restarting the underlying container and hoping to achieve its readiness eventually. If this isn't working, Kubernetes will eventually back off to restart the container, and the Kubernetes resource remains non-functional.

Structure

First, check that the Splunk platform alert responsible for tracking non-ready containers is not in a firing state. As soon as one of the containers is crash looping, caused by the crash loop attack, the Splunk platform alert should fire and escalate it to your on-call team.

Solution Sketch

Kubernetes liveness, readiness, and startup probes

How to use this template?

Import via Hub Connection

Steadybit’s Reliability Hub is already connected to your platform. If you are an admin, you can just easily import templates with just one click.

Import template

Are you on-prem?

This is how you import Templates

Import as Experiment

Simply download the template and upload it as an experiment to use it once. Perfect if you are no administrator in the platform and just want to use the template once.

.json (4KB)

Used Actions

See all

>_ boost your chaos journey Connect Your Hub to Steadybit

Maximise Steadybit potential! Connect your own Hub to the platform and smoothly import your own templates: using them it’s never been this easy!

Splunk Platform Alerts when a Kubernetes Pod Is in Crash Loop

Splunk Platform Alerts when a Kubernetes Pod Is in Crash Loop

Splunk Platform Alerts when a Kubernetes Pod Is in Crash Loop

Splunk Platform Alerts when a Kubernetes Pod Is in Crash Loop

Structure

Solution Sketch

alert check

Cause Crash Loop

Kubernetes Event Logs

Pod Count Metrics